Negotiated wireless peripheral systems

ABSTRACT

Methods, apparatus, and business techniques are disclosed for use in mobile network communication systems. A mobile unit such as a smart phone is preferably equipped with a wireless local area network connection and a wireless wide area network connection. The local area network connection is used to establish a position-dependent ecommerce network connection with a wireless product or service access device supplied by a vendor. A negotiation sequence is carried out to electronically contract the services of the negotiated wireless peripheral from the vendor using a prepaid ecommerce protocol. The negotiated wireless peripheral is a general product or service vending device and the mobile unit acts as a digital authentication and payment device with digital pre-paid payment capabilities. The techniques are useful in many applications to include ticketing and admission systems to events and other types of services that involve ticketing.

This application is a division of U.S. patent application Ser. No.09/935,116, filed Aug. 22, 2001, now U.S. Pat. No. 6,965,914, which is acontinuation-in-part of U.S. patent application Ser. No. 09/698,882,filed Oct. 27, 2000, now U.S. Pat. No. 7,035,932 and U.S. patentapplication Ser. No. 09/722,981, filed Nov. 27. 2000, now abandoned bythe same applicant.

BACKGROUND OF THE INVENTION

1. Field of the Invention

This invention relates generally to mobile data network infrastructuremethods and systems. More particularly, the invention relates to methodsand systems that allow mobile devices to wirelessly contract forproducts and services that can result in a temporary expansion of mobileunit capabilities.

2. Description of the Related Art

Wireless networks have been evolving rapidly since the early 1980's whenthe first generation cellular telephone network was deployed. By thistime the third generation network technologies are fairly well definedand initial deployments are beginning. Already, fourth generationsystems are in the research phase. A key difference between the firstgeneration systems and modern systems is the move from circuit switchedanalog technology to packet switched digital technology. While earlycellular telephones were wireless versions of standard analogtelephones, newer cellular and PCS (personal communication system)phones provide both voice and data channels. It is envisioned that inthe future both the voice and data traffic will be carried by a unifiedpacket switched network.

A key attribute of third generation (3G) cellular systems is theirability to handle data traffic. To the user, this means a cellular phonecan provide Internet connectivity. A “smart phone” is a device thatprovides voice connectivity, data connectivity and computerizedapplication programs such as those as offered by PDA (personal digitalassistant) technology.

A key problem faced by smart phones is their limited user interfacecapabilities. Smart phones need to be compact in design. As such, atypical smart phone has a relatively small display surface and atelephone-sized keypad. While a smart phone may be able to providewireless Internet capabilities, its limited display surface areaprecludes it from providing a full featured web browser as found ondesktop systems. Some prior art systems use speech recognition and voicebased operating system techniques to address the user interface sizeconstraints imposed by smart phones. Still, voice based user interfacesare cumbersome in the way they control complex data entry and menunavigation requirements that arise in operating systems and applicationprograms such as spread sheets.

Prior art systems understand the restricted user interface capabilitiesof smart phones and similar mobile devices. As such, various dialects ofXML (eXtensible Markup Language) have been developed to allow content tobe customized for interactive display on specific types of smart phonesand other mobile devices. A variation of XML known as WML (WirelessMarkup Language) includes language constructs (e.g., tag sets) thatallow a server to deliver customized content to a mobile device made bya specific manufacturer and having a specific model number. This allowsthe content to be customized for the specific user interfaceconfiguration supplied by the mobile device.

In general, a device-specific user interface that involves a restricteddisplay area and a fixed set of user interface buttons, such as thosefound on a smart phone or a PDA is called an “area-constrained userinterface.” A user interface found on a desktop system such as a PC orworkstations is called a “non-area-constrained user interface.”

Typically, systems with non-area constrained user interfaces involve adesktop user interface. For example, a desktop user interface is foundon computer systems such as those running the Windows™ or X-Windows™operating systems. In general, any graphical user interface that allowsa user to make menu selections and/or icon selections in a non-areaconstrained environment can be thought of as a desktop interface.Typically, desktop interfaces use pointing devices such as mouse devicesand also provide optional keyboard support. Some desktop user interfacesalso provide speech recognition and voice based prompts.

It should be noted that different models of smart phones and othermobile devices will have different display surface sizes and shapes, anddifferent sets of keys on different types of keypads (area-constrained).This is in contrast to desktop systems that can all be assumed to have adesktop sized monitor, a standard keyboard, and a mouse (non-areaconstrained). While WML and similar technologies can be used to specifyhow content should be delivered to a variety of smart phone devices, thedisplay surface area and keypad surface area limitations remain. A smartphone is generally limited in its set of peripherals and therefore isincapable of providing the type of user interface that can be suppliedby computer systems with full sized display surfaces, keyboards, andother devices such as pointing devices.

Other problems with existing technology include the unavailability oftechniques and protocols to allow smart phones to use a wLAN (wirelesslocal area network) connection or a wWAN (wireless wide area network)connection to contract with local entities to provide products andservices. Enhanced systems and methods are lacking to allow a user of amobile unit such as a smart phone to negotiate with a local wirelessdevice and contract products and services therefrom.

Prior art systems have been developed to allow users to access theirhome or office applications while away on the road. For examplecompanies like Oracle Inc. supply portal software. Portal softwareallows users to log into a computer system remotely and gain access toboth standard web content interfaces and back office applicationinterfaces. That is, a portal is an application server that provides aninterface between remote network users and application programs runningin an enterprise environment such as a home or an office. For example,using a portal, a remote worker could log into a portal server andaccess several application programs such as email programs andspreadsheets that run on a home or office computer. Still, while portalsoftware is useful, in many cases the mobile user is restricted by alimited UI (user interface) such as the one provided by a smart phone.Smart phone UI's do not typically provide a display surface sufficientto support a full-scale desktop UI. This inhibits smart phone users fromworking with traditional desktop applications. It would be desirable tohave an application server or portal that could supply the look and feelof a full home/office desktop system to smart phone users. It would bedesirable for smart phone users to be able to use the smart phone toaccess a full-sized desktop UI. It would also be desirable for smartphone users to be able to use the limited smart phone UI when needed tosupport mobility.

It would be desirable to have a mobile unit that could provide a compactsmart phone UI to a user, but could then be reconfigured to support afull desktop style UI so that the user could work on desktopapplications while away from the home or office. For example, it wouldbe desirable for a user of a smart phone who is waiting in an airport orstaying in a hotel room to be able to walk up to a peripheralaugmentation subsystem that supplies hardware support for a temporarilyextended UI. It would be desirable for the smart phone to wirelesslynegotiate with the peripheral augmentation subsystem to pay for servicesrendered using either a per-usage payment schedule or a by-subscriptionpayment schedule. It would also be desirable to have a global desktopserver that could be used to allow mobile users to see images of theirdesktop applications as though they were back at their home office. Withthe availability of such peripheral augmentation equipment, users couldcarry smart phones and enjoy all of the capabilities of full desktopsystems when needed. It would further be desirable to have businessmethods to support the use of contracted peripherals and global desktopservices. It would also be desirable to also provide a means for amobile unit to set up position-dependent ecommerce sessions withwireless infrastructure vending devices that sell products and servicesbeside negotiated wireless peripheral services.

SUMMARY OF THE INVENTION

The present invention solves these and other problems by providingsystems and methods to enable a mobile unit to access an expanded set ofperipherals. The present invention includes various aspects as outlinedherein and in further detail in the detailed description.

A first aspect of the invention involves a negotiated wirelessperipheral. The negotiated wireless peripheral is an access point thatuses a short-range wireless transceiver to support a position-dependentecommerce session with a mobile unit such as a smart phone. Aposition-dependent ecommerce session is a session that is negotiatedbetween an access point and a mobile unit who agree upon a billingarrangement in order for the access point to provide a product and/or aservice to the mobile unit. The negotiated wireless peripheral alsoincludes a negotiation module coupled to the short-range wirelesstransceiver. The negotiation module is used to engage in a handshakingsequence with the mobile unit to establish the position-dependentecommerce session. The negotiated wireless peripheral also incorporatesa service module to supply a product or service such as a peripheralaugmentation service to the mobile unit. A peripheral augmentationservice allows an area-constrained user interface to be replaced with anon-area-constrained user interface such as the kind found on desktopsystems. A contract module is used to negotiate a billing arrangementwith the mobile unit for services rendered. Related methods practiced bythe negotiated wireless peripheral are also taught.

Another aspect of the invention involves various architectures formobile units who contract services from wireless negotiated peripheraldevices. These mobile units also communicate with network servers suchas application services and or telephony services. For example, a mobileunit communicates with an application server and augments its peripheralcapabilities by contracting with a negotiated wireless peripheral. In anassociated method, the mobile unit provides an operating system thatsupports an area-constrained user interface. For example, the mobileunit may correspond to a smart phone. The mobile unit communicates witha network server in accordance with a wireless wide area network (wWAN)protocol. The network server may be an application server or a telephonyserver, for example. The mobile unit also communicates with a negotiatedwireless peripheral access point device and engages in a handshakingsequence with therewith to establish a position-dependent ecommercesession. The mobile unit next negotiates a billing arrangement with thenegotiated wireless peripheral to contract for a product or service suchas a peripheral augmentation service. The mobile unit then update aconfiguration definition to reconfigure itself to operate with theperipheral augmentation service. For example, if the mobile unit has anarea-constrained user interface, the mobile unit plus the augmentedperipheral service is able to operate a non-area constrained userinterface as found on a desktop computer system.

Other aspects of the present invention center around application serviceprovider (ASP) servers and related methods. The ASP server suppliesapplication services to remote users such as network client devices, andmore specifically, mobile units with area-constrained user interfaces.The ASP server performs server-side transactions with remote clients viaa communications network such as the Internet and performs server-sidecomputing functions in a client-server computing system. The ASP serverdelivers content customized according to the area-constrained userinterface of the mobile unit, for example, using WML based content. TheASP server also maintains a parameter defining a mobile deviceperipheral-set configuration. The ASP server transmits contentcustomized to the area-constrained user interface of the mobile unit.The ASP server later receives a mobile device peripheral-setreconfiguration message and subsequently transmits to the mobile unitcontent that customized for a non-area constrained user interface. Inpreferred embodiments, the ASP server is a stand-alone applicationserver or is a portal to a home or office computer system (e.g.,enterprise intranet). The ASP server allows mobile users to access theirdesktop applications as if they were in the office.

Another aspect of the invention involves methods of selling negotiatedwireless peripheral services. In one such method, the selling isperformed with the assistance of associates. A plurality of associatesare enrolled into a federation using an on-line registration system.Associates indicate peripheral augmentation service provided thenegotiated wireless peripheral devices that they supply to thefederation. A network session is established between a management serverand the negotiated wireless peripheral device provided by an associate.The negotiated peripheral device (or the management server acting on itsbehalf) receives a request to establish a position-dependent ecommercesession from a mobile unit. A billing arrangement is negotiated with themobile unit to provide a peripheral augmentation service to the mobileunit, the service is provided, and the mobile unit is billed. Theassociate is then compensated.

The invention has other related aspects such as business methods,methods of selling tickets to events, methods of using negotiatedwireless peripherals in Mobile IP networks, distributed object relatedmethods, and methods of selling tickets to events, and methods ofselling products, services, and electronic tokens. Each of these methodsgenerally involves a mobile unit, a negotiated wireless peripheral, andone or more network servers. For further details, see the detaileddescription of the preferred embodiments.

BRIEF DESCRIPTION OF THE FIGURES

The various novel features of the present invention are illustrated inthe figures listed below and described in the detailed description thatfollows.

FIG. 1 is a block diagram representing an embodiment of a systeminvolving a mobile unit, a negotiated wireless peripheral, and variousserver systems attached to a network.

FIG. 2 is a block diagram illustrating an embodiment of a wirelessnegotiated peripheral.

FIG. 3 is a block diagram illustrating an implementation of a mobileunit designed to interface with negotiated wireless peripheral devicesand network servers.

FIG. 4 is a block diagram of a network server or portal adapted foroperation with mobile units that contract peripheral services withnegotiated wireless peripheral devices.

FIG. 5 is a flow chart illustrating a method of processing carried outin a negotiated wireless-vending device such as a negotiated wirelessperipheral.

FIG. 6 is a flow chart illustrating a method of processing carried outin a mobile unit adapted to interface with a negotiated wirelessperipheral.

FIG. 7 is a flow chart illustrating a method of processing carried outin a network server adapted to interface with a mobile unit whoseperipheral configuration can be augmented by contracting with anegotiated wireless peripheral.

FIG. 8 is a flow chart illustrating business methods and methods ofprocessing used in networks incorporating negotiated wirelessperipherals.

FIG. 9 is a flow chart illustrating methods for selling tickets and/ortokens using negotiated wireless vending techniques.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

FIG. 1 is a block diagram representing an illustrative system embodiment100 of a system configuration used to support the present invention. Thesystem 100 includes a NWP (negotiated wireless peripheral) 105. The NWP105 is coupled to a mobile unit 125. As is discussed in further detailhereinbelow, the NWP 105 can correspond to a peripheral device that canbe temporarily attached to the mobile unit 125 on a negotiated contractbasis. For example, the mobile unit 125 may be a smart phone with alimited UI. The NWP 105 may involve a full sized display monitor, a fullsized keyboard, and a mouse-pointing device. The mobile unit 125negotiates with the NWP 105 to contract its services. Once contracted,the NWP 105 acts as an extension to the mobile unit 125 and the mobileunit 125 can act as a full-featured desktop system. As is discussedbelow, the NWP 105 can also be configured to provide products and/orservices other than peripheral augmentations. In such cases, the NWP 105can be thought of as a wirelessly controlled vending device. In eithercase, the NWP 105 joins the mobile unit 125 in a session and providessome type of product, service or peripheral augmentation to the mobileunit 125.

In the system embodiment 100, the NWP optionally includes a WANconnection 110 to a WAN 115. The WAN connection 110 can be wireless,corresponding to a wWAN (wireless wide area network) connection or caninvolve a wireline connection (e.g., twisted pair, coaxial cable, orfiber optic). The WAN 115 typically corresponds to the Internet, but canalso correspond to an enterprise wide WAN, a VPN (virtual privatenetwork), and/or a set of switched or leased lines (DS0, DS1, DS3, ISDN,etc.) through a PSTN (public switched telephone network). In the systemembodiment 100, the NWP also optionally includes a wLAN (wireless localarea network) connection 120 for coupling to the mobile unit 125. TheNWP preferably includes both the wWAN connection 110 and the wLANconnection 120, but in some embodiments the NWP may include only one orthe other.

Also connected to the WAN 115 is an ASP (applications service provider)server 135, an NWP management server 140, an optional home/officecomputer system 145, and an telephony server 150. In some embodiments,only a subset of the servers 135, 140, 145 and 150 may be present.

As discussed in more detail below, the ASP server 135 (more generallycalled an “application server”) preferably supplies global desktopservices and optionally other application and file system services tothe mobile unit 125. The NWP 105 preferably interacts with the NWPmanagement server 140 (more generally called a “management server”). Insuch embodiments, the NWP management server 140 generally serves tocontrol an installed base of NWP access points. For example, when theNWP 105 negotiates with the mobile unit 125 to supply a product orservice, the NWP 105 uses the NWP management server 140 as auser/payment-authentication resource, a billing server, and as a recordkeeping server. Specific examples illustrating how the NWP 105 the NWPmanagement server 140 interact are discussed below. In some embodiments,the NWP 105 does not interact with a server at all, but accepts digitaldebit payment directly from the mobile unit. However, in most of theenvisioned embodiments, the NWP 105 is coupled to the NWP managementserver 140 and interacts therewith. In some embodiments, the ASP server135 and the NWP management server 140 can be collocated and merged. Forexample, a company that supplies global desktop application servicesfrom the ASP server 135 can be the same company that manages theinstalled base of NWP devices from the NWP management server 140.

The computer system 145 represents a home computer, an office computer,or an enterprise computer system (e.g., an intranet or a VPN-definedsubnetwork of an intranet). For example, the computer system 145 mayinvolve a personal computer configured to provide server capabilities,or may involve a network comprising one or more PC's workstations anddedicated network servers. In either case, the computer system 145 canbe used to supply desktop files and/or applications to the mobile unit125. For example, these applications can include standard web-browsercontrolled applications or standard back-office computing applications.A portal software module as known in the art is used to allow thecomputer system 145 to make applications and files accessible to remoteusers. Portals enable the user of the mobile unit 125 to be able to workon applications such as back-office and desktop applications while awayfrom the home or office.

In some embodiments, the ASP server 135 is used to host applications andfiles for clients (e.g., home or enterprise clients). In suchembodiments, the ASP server 135 offloads the application processing fromits ASP customers. The ASP customers are client devices and the ASPserver is a server device. The clients and the server engage inclient-server computing transactions as are known in the art. That is, aserver delivers application services to a client in a client-serverapplication session. The client-server application session typically isimplemented at the application layer but can be implemented at otherlayers as well. Mobile client devices are typically limited by theirarea-constrained user interface capabilities. The ASP server 135 is alsopreferably is coupled to storage media, for example to a storage areanetwork to support client file systems. Clients to the ASP server 135act much like terminals and the ASP server 135 acts much like a networkmainframe computer. One advantage of such as configuration is thatcustomers to the ASP server 135 can access their applications fromanywhere reachable from the WAN 115. This generally provides globalaccessibility to applications and related data. In accordance with anaspect of the present invention, the ASP server 135 provides a globaldesktop user interface to users. This interface allows a user to workfrom a client computer attached to the WAN as though he or she wereworking on a home office computer to include a computer system in theback office. The UI (user interface) as designed in accordance with anaspect of the present invention looks much like a standard UI of anoperating system such as Windows™ or X-Windows™, for example. In thistype of inventive system, the ASP 135 supplies a global desktopinterface to users and this interface can be reached from a smart phonethat has its peripheral set temporarily expanded by the NWP 105. Whenthe user of the smart phone is on the road and is away from an NWP 105,the ASP server 135 supplies a limited UI customized to the hardware ofthe mobile unit 125.

The same basic functionality supplied by the ASP server 135 can besupplied by coupling a portal software module to the home/officecomputer 145. For example, consider the case where the computer system145 corresponds to a subnetwork of computers connected together via anenterprise intranet. In this case the portal software module can besupplied to allow mobile workers to access the applications on theenterprise intranet from remote access points via the WAN 115. Theportal is responsible for user authentication and access control.Similarly, the portal is responsible for supplying the same type ofglobal-desktop UI capabilities as supplied by the ASP server 135. Insome systems, for security reasons, firewall technology may be used toprohibit external access to certain data repositories and applications.

In some embodiments, enterprises may use a combination of the computersystem 145 with a portal and an external ASP 135. In such embodiments,user can log into the ASP server 135 for as first set of applicationsand to the portal of the computer system 145 for a second set of filesand applications. Likewise, either the ASP server 135 or the computersystem 145 can execute a software module that conglomerates the twosources of files and applications to provide a unified interface.Optionally, the user may selectively elect to see the user interface ofonly the ASP 135, the computer system 145 or the merged set. Hence thepresent invention contemplates merging applications and file systemsfrom different computer resources available from the WAN 115 to supply aunified interface to a user. As an example, the global desktop mayinclude certain applications from the ASP 135 and an email applicationfrom the computer system 145 or an external email resource such as AOL™(America on-line). In such cases, RDF (resource description framework)files may be used to describe a user's desktop UI where differentwindows and applications are aggregated from different networkaddresses. For further details of how to implement such embodiments, seethe documentation of Mozilla™ based browsers and the RDF standards.

While global desktop applications have been discussed, it should beappreciated that other types of application programs beside desktopapplications can be supported by the system 100. For example, the NWP105 can supply a video conferencing UI or a video on demand UI forentertainment purposes. In general, the NWP 105 can contract to supplyproducts and services to the mobile unit 125. In a more generalembodiment, the mobile unit 125 acts as a digital authentication andpayment device, while the NWP acts as a product and/or service-vendingdevice.

The telephony server 150 can involve an Internet telephony server (e.g.,SIP—session initiation protocol) or a cellular network such as a 3G (or4G, 5G, . . . ) system. The WAN 115 can be thought of as encompassingany or all of the Internet, any attached intranets, cellular networks,and the PSTN. Communication between servers and other devices in thesystem 100 may involve any of these communication means or other meanssuch as satellite based networks. More details regarding the operationof the system 100 is discussed in connection with FIGS. 2–10.

An embodiment of the NWP 105 is illustrated in block diagram form inFIG. 2. The NWP 105 is illustrated as a hardware/software block diagramwhereby certain blocks involve hardware and software, and other blocksrepresent software modules. This type of block diagram is also used inFIGS. 3 and 4. It is to be understood that the software modules exist insoftware, and in the physical embodiment the software is typically codedinto a memory device that is coupled to a processor according to a VonNeumann architecture as is well known in the art. Other hardwarearchitectures such as distributed multiprocessor architectures,programmable gate array architectures or other hardwired (possiblyreconfigurable) architectures can be used to implement thehardware/software apparatus as taught in FIGS. 2–4 without departingfrom the scope of the present invention.

A preferred embodiment of the NWP 105 includes a wLAN transceiver 205 tosupport the wLAN connection 120. In addition, the preferred embodimentpreferably includes a WAN transceiver 210 to support the WAN connection110. The WAN transceiver 210 may involve, for example, a WCDMAconnection (wWAN) or a wireline connection such as a fiber opticconnection, a T1 line, an ISDN line, an xDSL connection, or a V.90modem. In specific embodiments, the NWP 105 may be implemented with oneor both of the transceivers 205, 210. The transceiver 205 and thetransceiver 210 each support at least one lower layer of a protocolstack and are each connected to a software module 215 that implements atleast one upper layer of a protocol stack. Depending on the embodiment,the software module 215 may implement one or more upper layers foreither one or two protocol stacks. For example, separate protocol stacksmay be used for the wLAN 205 and the WAN 210, or the same set of upperlayers may be shared among the wLAN 205 and the WAN 210. Also, in someembodiments the software module 215 may be implemented as separatemodules that are integrated into the transceivers 205 and 210. In eithercase, both the transceivers 205 and 210 are controlled by a protocolstack. In an exemplary embodiment, the wLAN transceiver implements oneof Bluetooth™, HiperLAN™, IEEE 802.11, DECT™, or HomeRF™ at the lowerlayers and possibly TCP/IP and/or WAP™ at the upper layers. Meanwhile,in this example, the WAN transceiver implements 3G WCDMA or a wirelineprotocol (e.g., xDSL) at the lower layers and TCP/IP at the upperlayers.

Coupled to the protocol stack upper layers is a negotiation module 220.The negotiation module 220 can be implemented at various software layersand is preferably implemented at a session layer or an applicationlayer. It is recognized that different communication protocols usedifferent types of protocol stacks with different types of protocollayer definitions. The appropriate layer at which the negotiation module220 is implemented is thus dependent on the protocol stack used and theoverall software design of a given embodiment. Also, as is understood byskilled artisans, the negotiation module 220 can be implemented as asublayer or as a shim between protocol stack layers. As is discussed infurther detail below, the negotiation module 220 is responsible fornegotiating the use of a position-dependent ecommerce session betweenthe NWP 105 and the mobile unit 125. Position-dependent ecommercesessions are also defined in greater detail below.

In the embodiment shown, coupled to the negotiation module 220 is anauthorization module 225, a contract module 235, an authorization list230, a billing module 240 and a services module 245. While theinterconnection of these modules is shown as a star topology whose rootis the negotiation module, these modules can communicate in other ways,for example any of the illustrated software modules could communicatewith one another via function calls, shared memory messaging, operatingsystem messages, or direct hardware connections in a specificembodiment. For example, in one embodiment the authorization module 225directly accesses the authorization list 230. Hence it is to beunderstood that the illustrative star-interconnection topology can bemodified in specific embodiments without departing from the scope of thepresent invention.

It should also be noted that in some embodiments, some or all of themodules 220, 225, 230, 235, 240 and 245 may be missing. This is becauseembodiments that make use of the WAN connection 110 can implementvarious software modules in the NWP management server 140. In suchcases, the WAN connection 110 is used to communicate with the NWPmanagement server 140 and some or all of the modules 220–245 areimplemented in the NWP management server 140.

Not shown in the NWP 105, but present in some embodiments, is amultiplexer. The multiplexer may be implemented at or between any of thelayers of the protocol stack 215. The multiplexer is used to allow aplurality of NWP's to share network resources such as the wLANtransceiver 205 and/or the WAN transceiver 210. In such embodiments, thewLAN and/or WAN connections are shared among a plurality of servicemodules 245. The negotiation module 220 and its associated resources mayalso be shared. In such embodiments, only the services module 245 needsto be replicated. For example, in an airport, a set of NWP terminals maybe provided in a waiting area to allow travelers to access their desktopapplications. While the travelers may see twenty NWP access points,using the multiplexer, all of these access points may share one or morewLAN connections and a single WAN connection.

As used herein, the term “position-dependent ecommerce session” carriesa specific meaning. Firstly, a position-dependent ecommerce session isposition dependent. That is, the NWP 105 and the mobile unit 125 must begeographically collocated into a geographical vicinity, for example zeroto one hundred feet. In many cases the geographical vicinity will besmaller, for example zero to ten or twenty feet. When wLAN technologiesare involved, the size of the geographical vicinity is generallydetermined by the range of the wLAN technology. Also, theposition-dependent ecommerce session involves an admission protocolinvolving one or more admission rules. A position-dependent ecommercesession is open to any station that enters the geographic vicinity,performs session set-up negotiation handshaking using the admissionprotocol, and satisfies the admission rules. In a position-dependentecommerce session, a first network entity offers a product or servicefor sale and a second network entity uses the admission protocol tohandshake with the first network entity to enter into a negotiatedcontract to be able to purchase the product or service from the firstnetwork entity. In one example, the admission policy involves the secondentity sending a digital debit instrument (digital cash, digital check,or digital debit card), to the first entity. Similarly, the secondentity can perform a credit card transaction with the first entity.Also, the second entity can authenticate itself as an account holder forthe products and/or services offered by the first entity. When the firstand second network entities part ways and are no longer both within thesame geographical vicinity, the position-dependent ecommerce session isdisconnected. Alternatively, either entity can cause the session to beended prematurely.

While a common type of position-dependent ecommerce session isestablished via the wLAN connection 120, in a different type ofembodiment, the position-dependent ecommerce session can be establishedvia the WAN 115. For example, in one type of embodiment the mobile unit125 can be implemented to include GPS receiver. Similarly, the GPSreceiver might be augmented with a local positioning system (LPS)receiver to process local pseudo-satellite-like signals that allow themobile unit to know a precise indoor location, for example. In general,the mobile unit 125 may be capable of determining its geographicalposition relative to reference locations. In such systems, the mobileunit couples an indication of its current position (e.g., GPScoordinates) to the NWP management server 140. The NWP management server140 then acts as a proxy for a position-dependent ecommerce sessionbetween the mobile unit 125 and the NWP 105 access point in theimmediate vicinity of the mobile unit 125. In similar embodiments, theNWP management server 140 provides parameters to the mobile unit 125 sothat it can engage in a direct position-dependent ecommerce session withthe NWP 105 via the WAN 115.

Position-dependent ecommerce sessions can also be set up with userintervention. In such embodiments, the NWP management server 140 offersa web-site style interface to users. Preferably the offered web-sitestyle interface is implemented to customize content for various types ofmobile clients devices. For example, the web-site style interface iswritten in a markup language such as WML. In such embodiments, theweb-site style interface provides a dialog window to allow a user toenter an NWP identification code. The NWP identification code madevisible on the NWP 105 so that a user can read the NWP identificationcode when the user is standing in front of the NWP 105. The user entersthe identification code, and then the NWP management server 140activates a link to allow the mobile unit 125 to communicate with theNWP 105 whose identification code was entered. This visual techniqueallows the mobile unit 125 and the NWP 105 to initiate aposition-dependent ecommerce session without the need for a wLANconnection or a positioning device such as a GPS receiver. In a similarembodiment, the NWP 105 can display a URI or URL that can be entereddirectly into the mobile unit 125's UI in order to create a connectionwith the NWP 105. Note that the NWP identification code, URL or URI canbe physically printed onto the NWP 105 or can be electronicallydisplayed on a display surface provided by the NWP 105.

In operation, the mobile unit 125 and the NWP 105 establish aposition-dependent ecommerce session. The mobile unit 125 engages in theadmission protocol and is then able to access products and/or servicesfrom the NWP 105. The NWP management server 140 supports the NWP bykeeping user account information and/or managing digital debit and/orcredit card transactions. In some cases the mobile unit 125 uses the NWP105 to access other services such as those provided by the ASP server135.

In one type of embodiment, the NWP 105 acts as a peripheral augmentationmodule for the mobile unit 125. In this exemplary embodiment, the mobileunit 125 and the NWP 105 establish a position-dependent ecommercesession via the wLAN connection 120. In order to establish theposition-dependent ecommerce session, the NWP 105 receives an admissionrequest from the mobile unit 125. The negotiation module 220 processesthe admission request. The negotiation module 220 usually interacts withthe NWP management server 140 who then supplies information needed toimplement the position-dependent ecommerce session's admission protocol.

For example the mobile unit 125 supplies a digital debit instrument(digital cash or digital check or digital debit card), a credit cardnumber, or a subscriber account number as a part of the admissionprotocol. The authorization module 225 either accepts the digital debitor uses the wWAN connection 110 to verify the credit card number oraccount number. Even when digital debit is used, the authorizationmodule preferably interacts with the NWP management server 140 to havethe digital debit authenticated. The optional authorization list 230 isconsulted in the case the NWP 105 has local accounts, but in most casesthe authorization module performs a WAN transaction with the NWPmanagement server 140 to determine whether the mobile 125 has an accountwith the NWP management system. Depending on a set of parametersassociated with the user, the contract module 235 sets a rate forservices. For example the services may cost different amounts atdifferent times of day, or there may be different rates set depending onwhether digital debit, credit card, or an existing subscriber accountcontract is used for payment. In some embodiments the contract module235 may elect to not charge any direct user fees. This might occur, forexample in a restaurant that may provide free NWP 105 services toencourage customers to come in. Also, the contract module may beimplemented as a part of the NWP management server 140. Differentembodiments split the NWP admission and billing related processingbetween the NWP 105 and the NWP management server 140 in different ways.

Once the negotiation module 220 has granted the mobile unit 125 access,the services module 245 is activated. The services module 245 provides aproduct or service to the mobile unit 125. For example, the NWP 105provides a peripheral augmentation service that provides access to theuse of a full sized display monitor, a full sized computer keyboard, anda mouse pointing device. In this embodiment, the services module 245activates the I/O devices by redirecting I/O streams to the mobile unit125 via the wLAN connection 120. In embodiments where the wLANconnection 120 does not exist, the I/O streams are redirected to themobile unit 125 via the WAN 115. In either case, the mobile unit 125 isable to temporarily function as a full desktop system. The NWP 105 mayalternatively augment the peripheral set in other ways, for example itcan supply a power connector to provide power to and/or recharge themobile unit. In many cases, the mobile unit will redirect input/outputstreams from an indigenous, area-constrained peripheral to the augmentedperipheral supplied by the NWP 105.

To continue with this example, the ASP server 135 provides a virtualdesktop UI with the user's set of application programs and user filesavailable as icons using the extended peripheral hardware supplied bythe NWP 105. Another service that can be provided by the NWP 105 in thistype of embodiment is WAN-traffic offloading. In embodiments involving aWAN-traffic off loading, the mobile unit 125's WAN connection isredirected through the NWP 105. This is useful mainly in cases where theNWP 105's WAN connection 110 involves a wireline connection. The NWP 105is often able to supply WAN access to the mobile unit 125 at a lowercost than the wWAN connection provided by the cellular carrier (e.g.,WCDMA carrier usage fees are higher than direct wired Internet usagefees).

In some embodiments, distributed object technology can be used toimplement various NWP services. Distributed object technology allowsobject-oriented classes to be defined that include a remote object and astub object (also known as a “proxy object”). The remote objectimplements one or more services and a communication protocol tocommunicate with the stub object. The stub provides the client with aset of application programmer's interface functions (called an“interface” in object-oriented programming terminology) to callfunctions (i.e., “invoke methods”). When a method is invoked on thestub, a remote procedure call and a set of parameters are marshaled intoa message and sent across a communication channel to the remote object.The server-side remote object then receives the message, unmarshals theparameters, invokes the corresponding method on behalf of the stubobject using the remote object, marshals a set of results into amessage, and sends the message back to the stub object.

In accordance with an aspect of the present invention, distributedobjects are defined having a stub object and a remote object residing onopposite ends of a position-dependent ecommerce session. For example,once the position-dependent ecommerce session is established and aservice is contracted, the NWP 105 instantiates a remote object andsends a representation of a stub object to the mobile unit 125. Themobile unit 125 then uses a standard set of object-oriented interfacesto invoke methods (i.e., function calls) on the stub object. The stubobject marshals the invocation and sends a message to the remote objectresiding in the NWP 105. The NWP 105 then invokes a corresponding methodin the remote object in order to provide the service to the mobile unit125. For example, the mobile unit writes to a display monitor byinvoking a stub method, and the stub method marshals the methodinvocation and sends it to the remote object. Then the remote objectexecutes a method to case the display monitor in the NWP 105 to bewritten. In general, the present invention contemplates the use ofdistributed objects to be set up between the NWP 105 and the mobile unit125 to support the delivery of services to the mobile unit 125. In somecases distributed objects may also be set up between the NWP 105 and theNWP management server 140, and/or between the mobile unit 125 and theNWP management server 140.

In the case of WAN offloading, the NWP 105 sends a stub object to themobile unit 125. The mobile unit 125 then overloads some of its protocolstack service access point methods with the methods defined over thestub object. When the mobile unit executes its WAN-based communicationroutines, the stub methods cause messages to be sent to the remoteobject in the NWP 105 via the wLAN 120 instead of being sent to thelower layers of the wWAN transceiver 310. The remote object in the NWP105 then routes the traffic using its WAN transceiver 210. This type ofredirection allows the NWP 105 to provide lower cost WAN access than canbe provided by the wWAN transceiver 310. For example, a fiber-basedimplementation of the WAN transceiver 210 can pass traffic moreeconomically than a 3G WCDMA transceiver in most cases.

It should be noted that the NWP 105 can be used for applications otherthan supplying an augmented set of peripherals and possibly a lower costWAN connection to a mobile unit. In other embodiments, the servicemodule 245 can provide vending capabilities to provide products andservices to the mobile unit 125. In such embodiments, the NWP 105 actslike a digital vending machine and the mobile unit 125 acts as a digitalauthentication and payment device. The mobile unit negotiates andauthenticates itself, usually with the assistance of the NWP managementserver 140. Once authenticated and authorized, a position-dependentecommerce session is initiated between the mobile unit 125 and the NWP105. The service module 245 is then used to supply the mobile unit 125access to a product or service. Examples and further details of generalvending capabilities are discussed in connection with FIGS. 5, 8 and 9.

Referring now to FIG. 3, an embodiment of the mobile unit 125 isillustrated in block diagram form. The block diagram involves ahardware/software system. The hardware architecture used to support sucha system is substantially the same as discussed in connection with toFIG. 2. A preferred embodiment of the mobile unit 125 preferablyincludes a wLAN transceiver 305 to support the wLAN connection 120. Inaddition, the preferred embodiment preferably includes a wWANtransceiver 310 to support a wireless connection (e.g., satellite, 2.5Gcellular, 3G WCDMA cellular, or later generation cellular). In somespecific embodiments, the mobile unit 125 may be implemented with onlyone or the other of the transceivers 305, 310. The transceiver 305 andthe transceiver 310 each support at least one lower layer of a protocolstack and are each connected to a software module 315 that implements atleast one upper layer of a protocol stack. Depending on the embodiment,the software module 315 may implement one or more upper layers foreither one or two protocol stacks. For example, separate protocol stacksmay be used for the wLAN transceiver 305 and the wWAN transceiver 310,or the same set of upper layers may be shared among the wLAN transceiver305 and the wWAN transceiver 310. Also, in some embodiments the softwaremodule 315 may be implemented as separate modules that are integratedinto the transceivers 305 and 310. In any case, each of the transceivers305 and 310 are controlled by a protocol stack. In an exemplaryembodiment, the wLAN transceiver implements one of Bluetooth™,HiperLAN™, IEEE 802.11, DECT™, or HomeRF™ at the lower layers andpossibly TCP/IP and/or WAP™ at the upper layers.

Coupled to the protocol stack upper layers is a negotiation module 320.The negotiation module 320 can be implemented at various software layerssimilarly to the negotiation module 220 as discussed in connection withFIG. 2. The negotiation module 320 is responsible for negotiating theuse of a position-dependent ecommerce session between the mobile unit125 and the NWP 105.

In the embodiment shown, coupled to the negotiation module 320 is acontract module 325, and a reconfiguration module 330. While theinterconnection of these modules is shown as a star topology whose rootis the negotiation module 320, these modules can communicate in otherways. For example any of the illustrated software modules couldcommunicate with one another via function calls, shared memorymessaging, operating system messages, or direct hardware connections ina specific embodiment. Also, in some embodiments the negotiation module320 may interact with a server side entity such as the NWP managementserver 140 who in this case manages a customer account related toservices provided by the NWP 105.

The mobile unit 125 also includes an OS (operating system) 335. The OS335 provides a UI (user interface) to the user via a display screen andpossibly a voice enabled operating system interface. To the OS 335 iscoupled a set of one or more application programs 340. The applicationprograms 340 access the OS 335 for services such as input and output.The OS 335 is also coupled via a NIM (network interface module) to theupper layers of the protocol stack 315. For example, in a preferredembodiment, the NIM translates socket service method invocations intotransport level messages for use by the protocol stack upper layers 315.

In operation, the mobile unit 125 establishes a position-dependentecommerce session with the NWP 105 using the wLAN connection 120. Inembodiments where no wLAN connection is present, session between themobile unit 125 and the NWP 125 is established via the WAN 115 asdiscussed in connection with FIG. 2. The mobile unit 125 sends atransmission to the NWP 105 requesting the position-dependent ecommercesession. The negotiation module 320 communicates with the negotiationmodule 220 in order to establish the session. The contract module 325 isused to supply user authentication parameters or to support a digitaldebit or a credit card transaction. In some instances no charge may beassessed. In such cases the contract module may still be asked to supplyuser identification data such as a digital signature or certificate.

The contract module 325 and the negotiation module 320 allow the mobileunit 125 to negotiate and contract to establish admission to aposition-dependent ecommerce session. The contract module 325 and thenegotiation module 320 allow the mobile unit 125 to act as a digitalauthentication and payment device. For example, if the NWP 105 comprisesa vending machine, the contract module 325 can be used to purchase acandy bar or a soft drink, and payment can be made by digital debit, acredit card transaction, or a charge to a user account.

Returning to applications where the NWP 105 supplies peripheral deviceextension services, once the negotiation module has negotiated aposition-dependent ecommerce session and contracted for peripheralaugmentations, notification is delivered to the reconfiguration module330. The reconfiguration module involves software and/or a datastructure that causes a device registry with the OS 335 to be modified.A device registry is a data structure or process that identifies a setof peripheral devices and/or device drivers that are in current use bythe OS 335. In some embodiments, a device reconfiguration message iscoupled to the one or more of the application programs 340. In otherembodiments, a reconfiguration message is coupled from the OS 335 viathe NIM 345 and the protocol stack 315, 310 to the ASP server 135. Ineither case, a peripheral-device-reconfiguration message is coupledeither from the OS 335 or the application program 340 to the ASP server135. This message notifies the ASP server 135 that an augmented(possibly changed or added to) set of peripherals are available to themobile unit and subsequent content should be customized accordingly.

The peripheral-device-reconfiguration message allows the ASP server 135to customize content for the mobile unit 125 given its modified set ofperipherals. When the position-dependent ecommerce session isterminated, another peripheral-device-reconfiguration message is sent toallow the ASP server 135 to once again customize content for the mobileunit 125 given its original set of peripherals. For example, the mobileunit 125 is temporarily coupled to the NWP 105 and the mobile unit 125is then reconfigured as a full desktop system. FIGS. 5–9 describe ingreater detail some exemplary coordinated operations involving themobile unit 125 and the NWP 105.

In some embodiments, the user may connect their own folding keyboard, anextension monitor display device, and a mouse, to an otherwisearea-constrained device. In such cases, ASP server 135 can be configuredand operated to practice the same basic methods as described herein inorder to reconfigure the content to be customized for the augmented setof non-area constrained peripherals.

In some embodiments software radio techniques may be employed. Forexample, the lower layer protocols of the wLAN may be software definedand vary from NWP to NWP or from region to region. To maintainflexibility in such situations, a standardized ping message may betransmitted via the wLAN 305, possibly at a set frequency or via an IRlink. Optionally the ping can be sent via the wWAN using GPScoordinates, local positioning information, or user entered informationsuch as an NWP identification code, URI or URL read off of the NWP. Thisallows the NWP management server to download an appropriate softwareradio definition to the mobile unit 125. The downloaded software radiodefinition may include software modules or pointers to a table ofsoftware protocol routines already loaded into the mobile unit 125. Ineither case, the mobile unit 125 executes the identified lower layers inorder to communicate via the wLAN. Software radio techniques can also beused to reconfigure the wWAN transceiver 310 when traveling intodifferent WAN system areas. The methods and systems described in thisapplication can be merged and applied along with the methods and systemsof the CIP-parent applications, i.e., U.S. patent application Ser. No.09/698,882, filed Oct. 27, 2000 and U.S. patent application Ser. No.09/722,981, filed Nov. 27, 2000 which are hereby are incorporated hereinby reference. The mobile unit 125, NWP's 105 and the servers 135 and 140of the present application may be used to embody the hardware andsoftware techniques taught in the incorporated-by reference parent CIPapplications. In some preferred embodiments, the NWP's 105 of thepresent invention support software radio extension features andIP-telephony gateway features as taught in the parent applications. Anyblocks or steps taught in the parent applications can be added to theblock diagrams or flow charts of the present application. In addition toother features, the NWP's 105 of the present invention adds new featuressuch as generalized vending and peripheral augmentation capabilities tothe access points in the parent applications. The methods 500–900 canalso be augmented with the teachings of the parent applications, whereapplicable.

FIG. 4 illustrates an embodiment of the ASP server 135. The ASP server135 includes a WAN interface 405. The WAN interface 405 can involve aLAN connection that is interconnected to a WAN, or a direct WANinterface. In most embodiments the physical layer of the WAN interfaceinvolves a wireline connection such as a fiber, a phone line, or an xDSLline. In some embodiments, the physical layer may involve a wirelessinterface, for example a WCDMA cellular link or a satellite link. In theembodiment shown, the WAN transceiver includes the upper layers of theprotocol stack, but it is understood that these upper layers can also beprovided by the operating system (not shown) and/or the applicationprograms running on the ASP server 135's hardware.

Coupled to an upper layer of the WAN interface 405 is a session controlmodule 410. The session control module implements user authenticationand access control processing. Also coupled to an upper layer of the WANinterface 405 is an application module 425. The application module 425is coupled to a storage system 430 comprising semiconductor memoryand/or disk storage memory. In some embodiments, the storage system 430is coupled to storage areas involving a user state 435. Also coupled tothe application module 425 is a mobile device configuration module 415.The mobile device configuration module keeps a record of the peripheraldevice types associated with a client device such as the mobile unit125. The mobile device configuration module is coupled to the storagearea 430 and is used to store the current device configuration of theclient device.

Also coupled to the mobile device configuration module 415 is a mobiledevice reconfiguration module 420. The mobile device configurationmodule 415 and the mobile device reconfiguration module 420 are bothcoupled to the session control module 410. In some embodiments, themobile device configuration module 415 and the mobile devicereconfiguration module 420 are implemented as a singleconfiguration/reconfiguration software module. The ASP server 135 can beimplemented as a local or a remote portal to the computer system 145. Insuch embodiments, the application 425 and part of the storage system 430can be located in the computer system 145.

In operation, the ASP server 135 provides device-customized content tomobile devices. For example, the ASP server 135 may implement XML and/orWML features that allow content to be customized for interactive displayon specific mobile units corresponding to specified models of mobileunits produced by specific manufactures. Such devices generally onlyhave hardware support for area-constrained user interfaces. When themobile unit contracts with the NWP 105, the ASP server 135 modifies theway content is delivered to the mobile unit 125 in order to accommodatethe services provided by the NWP 105. For example, the mobile unit 125and the NWP 105 become coupled together via a position-dependentecommerce session, the peripheral configuration of the mobile unit isupdated, I/O streams are redirected from the mobile unit 125 through theNWP 105, and the combination of the mobile unit 125 and the NWP 105 isable to provide a non-area constrained user interface to the user of themobile unit 125.

In an exemplary embodiment, the ASP server 135 provides a set of desktopapplications to a user. As an example, these desktop applicationsinvolve a set of application programs as would be loaded onto a desktopcomputer running the a Windows™ operating system. Depending on thecurrent mobile device configuration, the ASP server 135 delivers contentcustomized to the mobile unit 125's indigenous peripheral set or to anaugmented peripheral set as augmented by the NWP 105. When the mobileunit 125 contracts with the NWP 105 to receive a full set of desktopperipherals, a peripheral-state reconfiguration message is sent to theASP 135 in order to allow content to be customized for the reconfiguredset of peripherals.

Any of the systems of FIGS. 1–4 or the methods of FIGS. 5–9 can beimplemented using mobile Internet protocol (Mobile IP) technologies.Mobile IP is currently defined in RFC2002, RFC2003, RFC2004, RFC2005,and RFC2006. Related tunneling RFC1701 and management RFC1905 techniquesare commonly used with Mobile IP systems. As is presently discussed, thepresent invention is compatible with the current Mobile IP technologiesand the same concepts are expected to apply when future releases of theMobile IP standards become available.

With the present invention, and in accordance with Mobile IPtechnologies, a NWP 105 can be configured as a Mobile IP “foreignagent.” Meanwhile, the mobile unit 125 can be configured as a Mobile IP“mobile node” that can change its point of attachment to the Internetfrom one link to another while maintaining any ongoing communicationsusing its permanent IP (internet protocol) “home address.” In mobile IPsystems, associated with the mobile unit is a “home agent.” The homeagent is a router with a link on the mobile node's “home link.” Themobile node keeps the home agent informed of the mobile node's currentlocation. For example, the mobile unit 125 can correspond to a 3Gcellular smart phone with voice and data services. In this example thetelephony server 150 is operated by a WCDMA carrier and acts as the homeagent. In other examples, the telephony server 150 can be considered tobe a home agent other than a WCDMA carrier, but for the presentdiscussion, assume the home agent is the WCDMA carrier that suppliesvoice and data services to the mobile unit 125. The home agent receivespackets sent to the mobile IP address associated with the mobile unit125 and tunnels them to the mobile unit 125 when the mobile unit 125currently connected to the Internet via a foreign agent. The foreignagent sends a message to the home agent when the mobile unit registerswith the foreign agent so that the home agent can route packets to theforeign agent in care of the mobile unit 125. This paradigm provides forseamless roaming between homogeneous and heterogeneous networks(networks that respectively use the same or different air interfaceprotocols).

In accordance with the present invention, the NWP 105 periodically sendsout Mobile IP “agent advertisement messages” using the wLAN transceiver205. The mobile unit 125 is initially provided Mobile IP services by itshome agent, for example the telephony server 150 corresponding to a 3GWCDMA carrier (or for example a 2.5G GPRS or EDGE carrier, or a 4Gcarrier in future systems). The mobile unit 125 maintains itsalways-available IP connection with the server 150. Also, the mobileunit 125 monitors the wLAN connection to listen for agent advertisementmessages. When the mobile unit needs to access the Internet (WAN 115 ingeneral), it receives a cost parameter from the NWP 105 and compares thecost to the cost for WAN services offered by the telephony server 150.If the NWP service cost is lower, the mobile unit 125 and the NWP 105establish a position-dependent ecommerce session and the mobile unitchanges its point of attachment to the WAN 115 by selecting the NWP 105to be its foreign agent. In this case the NWP provides a lower cost WANtraffic bearer service to the mobile unit 125.

In alternative embodiments, the mobile unit can establish theposition-dependent ecommerce session using other means than receivingthe agent advertising messages. For example any of the aforementionedmethods used to initiate the establishment of a position-dependentecommerce session can be used to initiate a foreign-agent session withthe NWP 105. These alternative methods of session initiation may bedesirable to conserve power to allow the wLAN transceiver to be powereddown. In general, Mobile IP technology can be used with any of thesystems and methods taught herein to provide seamless roaming betweenNWP providers and larger carrier providers. For example, a voicetelephone call could be implemented using voice-over-Internet technologyand the aforementioned methods could be used to reroute the call to anNWP access point.

For example, in a mobile unit, a method of least-cost packet routinginvolves a mobile unit that receives a mobile IP home agentadvertisement from a wWAN carrier such as the server 150. The mobileunit registers with the home agent. Traffic that is sent to the mobileIP address associated with the mobile unit is thereby directed to themobile unit via a link between the mobile unit 125 and the telephonyserver 150, e.g., via the wWAN transceiver 310. Next the mobile unit 125receives a mobile IP foreign agent advertisement from the NWP 105 viathe wLAN transceiver 305. The mobile unit 125 then compares a monetarycost associated with traffic bearer services provided by both the wWANcarrier (e.g., 150) and wLAN access point (NWP 105). If the bearerservice cost associated with the NWP 105 wLAN is lower, the mobile unitregisters with the NWP 105 to cause the network attachment pointassociated with the mobile unit's mobile IP address to be reassociatedwith the NWP 105. That is, the NWP 105 becomes the foreign agent of themobile unit 105, and the mobile unit 125 compensates the NWP 105 byestablishing a position-dependent ecommerce session and providingpayment using any of the payment methods as discussed in connection withprevious and subsequent methods.

Referring now to FIG. 5, a method 500 is illustrated in block diagramform. The method 500 is practiced by the NWP 105 or a similar device.First the NWP 105 establishes communication with the mobile unit 125(505). The communication may be established via the wLAN link 120. Aspreviously discussed, in some embodiments initial communication isestablished via the WAN 115.

Once initial communication has been established, a handshaking sequenceis executed (510) with the mobile unit 125 to establish aposition-dependent ecommerce session. The position-dependent ecommercesession is established according to any of the previously discussedprocedures involving the wLAN connection 120 or the WAN 115. Varioustypes of user authentication and session encryption (e.g., IPSEC, VPN,and certificate authority-based techniques) are preferably used tosecure the link between the NWP 105 and the mobile unit 125.

Next a billing arrangement is negotiated (515) with the mobile unit 125.The mobile unit 125 typically supplies digital debit, a credit cardaccount, a debit account, or a customer account number to set up thebilling associated with the position-dependent ecommerce session. Asnoted hereinabove, in some instances the NWP services may be providedfree of charge, for example to entice a customer to patronize to arestaurant or hotel. In such cases the billing 515 involves no-charges.

Once the session is established and the billing has been authorized, theNWP 105 supplies at least one product and/or service to the mobile unit125 (520). As discussed previously, the NWP can act as a wirelesslycontrolled vending machine whereby the mobile unit 125 acts as a digitalauthentication and payment device that controls digital debitdisbursement, credit card transactions and/or customer accounttransactions. The NWP 105 may vend for example, candy bars, soft drinksor other products dispensable by a vending machine. Likewise, the NWP105 may grant access to an event such as a sports event, a concert, ormovie. The NWP 105 may provide access to other types of services such asa doctor's office visit. The NWP may also provide computerizedperipheral services such as the supplying of a full set of desktopperipherals and/or a use of a temporary wireline connection for voice,video and/or data. Another service that the NWP 105 may supply is powerservice. That is, the NWP may contract to activate a power connector foruse by the mobile unit 125 for immediate use and to recharge a batteryin the mobile unit 125. Similarly, the NWP 105 can provide telephonyservices by acting as an IP-telephony gateway to provide lower costtelephony services to the mobile unit 125.

The NWP may also provide information services, such as where a user canfind a specific product, service or professional in a specifiedlocality. In such cases the NWP 105 acts as an information kiosk thatsupplies information and transmits it to the mobile unit. For example auser may request information from an information kiosk and theinformation kiosk may supply a file that includes hyperlinks to relatedinformation and directions from the mobile unit's current location tothe product or service of interest. If the mobile unit supports GPS, theinformation kiosk may supply a Java applet that allows the mobile unitto receive position-dependent directions from a current location to thedesired destination.

Or, the NWP may provide other types of services such as a videoconferencing peripheral augmentation or a video viewing extension. Insome cases, the NWP 105 may be configured to download purchased softwareor data files to a user, for example, music, video or applicationprograms. NWP's can also be configured to process orders. Alternatively,an NWP can be set up in a restaurant to provide a digital menu and toallow the user to place an order from his smart phone. Similarly, a userin a store might make a purchase from his smart phone and the NWP couldprint out a receipt. In such systems the NWP may also provide a bar codereader to help the user ring up a set of products. This service wouldallow users to make purchases without standing in line. A human orelectronic validation system would be used to ensure the user purchaseditems properly prior to leaving the store.

Optionally, the NWP 105 generates an invoice for services rendered(525). This invoice may be a digital invoice that is used as anintermediate data record used to charge the user for the product orservice rendered. The mobile unit 125 is also optionally billed for theproduct or service provided by the NWP 105.

The method 500 also defines a business method. An NWP-business involvessupplying one or more NWP access points as illustrated in FIG. 1. Thebusiness method also involves negotiating a price for supplyingperipheral services to a mobile unit (515). The business method alsoinvolves supplying a product or service to the mobile unit (520). Inspecific embodiments of the business method, the product or serviceinvolves temporarily providing an augmented set of peripherals for useby the mobile unit 125. Any of the other products or services listedabove can also be sold by the NWP 105, as well as other products andservices not explicitly listed herein. An exhaustive enumeration of allproducts and services that can be sold by an NWP 105 would be excessive.The business method also involves charging for providing the product orservice by the NWP 105 (525). In a specific embodiment, 525 involvesproviding an extended set of peripherals to the mobile unit 125.

FIG. 6 is a flowchart illustrating an embodiment of a method 600 ofprocessing in the mobile unit 125. The mobile unit 125 provides adevice-specific (e.g., smart phone) user interface to a user (605). Thedevice specific user interface involves an operating system thatsupplies an interactive image or set of buttons to a user. In someembodiments the operating system provides a speech recognition basedvoice interface, and in still other implementations a combination oficon screen images, physical buttons, and a voice interface is used tobuild a hybrid type of user interface. For example, the device-specificuser interface allows the user to activate application programs, placetelephone calls, and interact with networked data servers such asInternet servers. In the discussion that follows, the mobile unit 125 isassumed to be a smart phone.

A WAN communication link is provided by the smart phone (610). The WANcommunication link can be implemented, for example, using 2.5G, 3G orthe emerging 4G mobile communication system technologies. In the future,later generation cellular or PCS systems may be similarly used. The WANlink can connect the mobile unit 125 to the public switched telephonenetwork, the Internet, a satellite communications and/or data network,or other types of networks such as a dedicated WAN operated by agovernment organization or a large private enterprise.

A position-dependent ecommerce session is established with the NWP 105(615). In some preferred embodiments, the position-dependent ecommercesession is established using a short-range wireless protocol such asIEEE 802.11, Bluetooth™, HiperLAN™, HomeRF™, or DECT™. In someembodiments, the position-dependent ecommerce session is established viathe WAN connection using any of the previously discussed techniques forestablishing a position-dependent ecommerce session via a WAN.

Also, a billing contract is negotiated (620). This can be done in usingdigital debit, a credit card transaction, or a subscriber accounttransaction as previously discussed. Computer security methods such asuser authentication, certificates and session encryption are preferablyemployed to protect from various forms of fraud.

For example, in a preferred embodiment, an IPSEC-compliant VPN is set upbetween the NWP and the NWP management server 140, and an IPSEC-securedIEEE 802.11 or Bluetooth™ connection is established between the mobileunit 125 and the NWP 105. The mobile unit 125 sends its accountinformation to the NWP 105 and the NWP 105 sends the account informationto the NWP management server 140. In this example IPSEC digitalsignatures and encryption keys are used to authenticate the identity ofthe user and are also used for access control. In some embodiments theuser may be further asked to supply a password to protect form thescenario where the mobile unit 125 is stolen and falls into the wronghands. An override, like “remember user password” may be supplied sothat the user does not have to reenter passwords for those who find thisextra layer of password protection cumbersome.

Next, a peripheral configuration is modified in the mobile unit 125(625). In a preferred embodiment the mobile unit's OS has a registry orsome related type of data structure that lists the devices and/or devicedrivers in current use by the mobile unit 125. The registry is updatedso that the local peripherals become temporarily disabled and theperipherals of the NWP 105 become enabled. In some embodiments theregistry is updated so that the NWP peripherals are added but the localperipherals may remain enabled. In this type of embodiment both theoriginal and augmented sets of peripherals are available at the sametime. In such cases, the NWP peripheral set can take precedence over thelocal peripherals so that the ASP server 135 can deliver contentcustomized to the NWP-expanded peripheral set. In other embodiments, theserver 135 and/or the NWP management server 140 can deliver content toboth the NWP-augmented peripherals and the local peripherals of themobile unit 125.

Once reconfigured, the mobile unit 125 runs an application program usingthe extended peripheral set (630). The extended peripheral set includesat least some of the peripherals supplied by the NWP 105. For example,if the NWP 105 supplies a full-sized display monitor, keyboard andmouse, the user can work on a desktop application using the newperipheral set. The desktop application may reside inside of the mobileunit 125 and may represent a program such as a Microsoft Excel™spreadsheet. Likewise, the application may run on a remote server suchas the ASP server 135. In such a case, the ASP server practices a methodsuch as the method 700 described below.

Because the OS in the mobile unit has been modified to include theextended peripheral set as supplied by the NWP 105, the applicationprogram's I/O is redirected to the extended peripheral set. If theapplication is local, the application is preferably sent a message fromthe OS to let it know that the augmented peripheral set is being used.This is necessary in many embodiments because the application programneeds to customize the user interface differently for a small display.When a full sized display is in tact, the application supplies a UIcustomized to a full-sized display. In such embodiments, the OSpreferably sends a message, interrupt or signal to the application toallow the application to alter its user interface. When the applicationruns remotely on the ASP server 135, a peripheral-set reconfigurationmessage is sent to the ASP server 135. In a preferred embodiment, themobile unit invokes methods on one or more stub objects using overloadedmethod invocations so that processing with an extended set ofperipherals is largely transparent to the software in the mobile unit125.

Referring now to FIG. 7, an embodiment of a method 700 practiced by theASP server 135 is illustrated in flow chart form. A peripheralconfiguration of a mobile unit 125 is identified (705). The peripheralconfiguration may be identified specifically, or the manufacture andmodel number of the mobile unit 125 may be supplied to identify theperipheral configuration. If the mobile unit initiates a session withthe ASP server 135 while already connected to the NWP 105, then theinitial peripheral configuration is delivered to reflect the current setof available peripherals. An ASP client-server session is nextestablished with the mobile unit 125 (710). This session preferably issecured via IPSEC, VPN, SSL and/or other network security technologies.The ASP server 135 next sends to the mobile unit 125 content that iscustomized to run on the mobile unit given its present peripheralconfiguration (715).

Next a peripheral reconfiguration message is received at the ASP server135 via the WAN 115 (720). This message is received when the mobile unit125 executes the step 625 and sends a peripheral reconfigurationmessage. For example, if the mobile unit connects or disconnects with anNWP 105 that supplies peripheral augmentation services, a peripheralreconfiguration message will be sent to the ASP server 135.

Next the ASP server updates a variable that defines the peripheralconfiguration of the mobile unit 125 (725). This reconfigurationreflects the mobile unit 125's current set of peripherals. The ASPserver 135 next supplies content customized for the reconfigured set ofperipherals of the mobile unit 125 (730). This content is customized fora different set of peripherals than the content that was delivered atstep 715.

Optionally, a customer is billed for the use of ASP services (735). Thecustomers may represent individual users, or may involve enterprisecustomers. Enterprise customers may pay a subscription fee for ASPservices or may pay a licensing fee for incorporating the ASP server 135as a portal to the computer system 145. Any of the previously discussedbilling strategies (digital debit, credit card transactions, . . . ) canbe used with the ASP server 135, but customers preferably use asubscription account (e.g., with fixed monthly fees and/usage-dependentfees) to access the ASP server 135. In some business methods, customersreceived ASP services for free and revenue is collected by other meanssuch as banner advertising or other forms of Internet advertising.

In a specific type of embodiment, ASP server 135 is configured to supplyglobal desktop services to allow users to access a set of applicationsand file system directories as would be available from a home/officecomputer desktop UI. As discussed previously, the ASP server can beimplemented as a portal to the computer system 145. The portal may beinstalled directly into the computer system 145 or can be suppliedremotely using TCP/IP and VPN tunneling techniques.

The method 700 also defines a business method. An ASP-business involvessupplying one or more ASP servers 135 as illustrated in FIG. 1. In apreferred embodiment of the business method 700 the business suppliesthe ASP server 135. The ASP server 135 supplies a service such as theglobal desktop UI as discussed above. As per step 715, the ASP server135 provides a representation of the desktop UI customized for use withthe mobile unit 125. As per the step 720, the ASP server 135 accepts aparameter representative of the existence a modified set of peripheraldevices available to the mobile unit 125 due to the contracting of a setof negotiated wireless peripheral services. As per step 730, the ASPserver provides a second representation of the desktop UI for use withthe modified set of peripherals.

As per 735, the business method also involves maintaining a customerbase of users for global desktop services and charging users monthlyand/or usage dependent fees for using the global desktop services. Thesefees are charged to supply users with access to desktop applications toinclude email, spreadsheets, and/or other applications available ontheir home or office systems. For example a user in the field may wishto connect up with an NWP to access a full-sized desktop UI and use theglobal desktop service to launch a web browser. Once using the webbrowser, the user may wish to access his or her own personal set ofbookmarks. In embodiments where the end customer is an enterprise andthe ASP server 135 is a portal running on the computer system 145, thebusiness method involves collecting a licensing fee to allow the ASPserver software to supply services from the home/office computer 145.

The method 700 can be modified to provide a product or service otherthan a peripheral augmentation service. As previously discussed, the setof NWP devices can in general be vending machines that vend productsand/or services. As discussed below in connection with in the method900, the NWP's can also be configured as physical access control devicesfor vents such as movies, concerts, or sporting events. In such cases,the ASP server 135 serves as a merchant web site that vends productsand/or services. The NWP devices serve as point of presence outlets forthe ASP server 135 that is configured as a vending server 135. In thismethod, 715 is modified to send a message to instruct an NWP to providea product or service. Steps 720, 725, and 730 are omitted and a fee iscollected as per 735.

Referring now to FIG. 8, an embodiment of a method 800 for sellingfederated-negotiated wireless peripheral services with the assistance ofassociates is provided. The federated-negotiated wireless peripheralservices are accessible to users of a system that provides applicationservices to allow users to access server-side services using extendedperipheral configurations and/or other products and/or services suppliedby a federation of NWP's. See also the parent applications and note themethods taught therein involving associates can be augmented with theNWP's of the present invention.

The method involves enrolling associates using an on-line registrationsystem (805). Each the associate supplies one or more NWP's into anetwork of NWP's. Each associate also indicates one or more servicesprovided by the NWP device supplied by the associate. In some instancesthe associate may purchase an NWP device and the NWP device itself mayprovide an electronic indication of the peripheral services supplied bythe device. In some cases the associate and/or the NWP device may simplysupply a manufacturer and model number of the NWP system and the servermay derive the set of services supplied by the NWP device from thisinformation.

The method 800 also involves establishing a network session with thenegotiated wireless peripheral device (810). The network session isestablished between the NWP management server 140 and the NWP 105. Inpreferred embodiments, a VPN technology is used to allow the NWPmanagement server 140 to securely communicate with its associated NWPdevices.

The method also involves receiving via the session an indication of arequest by the mobile unit 125 for use of a service provided by the NWP105 (815). As discussed previously, a position-dependent ecommercesession is established between the mobile unit 125 and the NWP 105. Thissession is preferably secured using authentication and encryptiontechniques as supplied by IPSEC and/or related VPN technologies. Abilling arrangement is negotiated with the mobile unit 125 to contractwith the NWP 105 (820). As discussed previously, the billing arrangementmay involve digital debit, a credit card transaction, a subscriberaccount, or a license or contract with an enterprise.

Once the user has been authenticated and the service billing terms havebeen verified, the associate's NWP device supplies peripheral servicesto the mobile unit 125 (825). An invoice is then optionally generatedfor the NWP services rendered (830). The customer is then optionallybilled for the NWP services (835). This may involve a usage fee, asubscription fee, or an enterprise-wide licensee, for example.

The associate who supplied the NWP is paid for providing the NWP nodeused in the federation of NWP nodes. The fee paid to the associate canbe usage based so that the busiest NWP nodes produce the most revenuesto the associate, or the associate may be paid as flat fee such as amonthly fee for supplying the NWP node.

In an alternative embodiment of the method 800, a company installs itsown base of NWP access points. In this version, 805 involves installinga plurality of geographically dispersed NWP devices. The modified method800 can be implemented along with the federated version of the method800 at the same time. In this case a company installs a base of NWPdevices but allows associates to augment the installed base so thatcoverage may be deployed more quickly and into markets not supported bythe company's installed based of NWP systems. In the modified method800, when a user accesses an NWP installed by the company, the step ofpaying the associate is omitted and the company retains theusage/subscription fee. In systems where a federation of NWP's is usedto augment an installed base of NWP's, the fee is paid only for the NWPaccess points supplied by associates. The method 800 and the modifiedmethod 800 constitute business methods.

The method 800 can be modified in yet another way. In either of theversions of the method 800, the step 825 can be modified to provide aproduct or service other than a peripheral augmentation service. Aspreviously discussed, the set of NWP devices can in general be vendingmachines that vend products and/or services. As discussed below inconnection with in the method 900, the NWP's can also be configured asphysical access control devices for vents such as movies, concerts, orsporting events.

Referring now to FIG. 9, an embodiment of a method 900 of sellingtickets to events is illustrated in block diagram form. Electronictickets are offered for sale via a merchant web site (905). The merchantweb site receives via a communications network (e.g., WAN 115) an orderfor a set of tickets from an on-line customer (910). The on-linecustomer may be coupled to the WAN 115 by a standard wireline connectionor via a wireless connection.

Next, the merchant web site initiates an encryption algorithm thatgenerates a digitally signed and/or certified representation of the setof tickets (915). That is, public/private key and certificate-basedencryption and/or authentication algorithms are preferably used togenerate an authenticatable and non-duplicable set of tickets (ingeneral, an encryption algorithm is applied). Such tickets are referredto herein as “encrypted tickets” because encryption-based algorithms areused to generate a set of tickets that can be protected from duplicationand other forms of fraud. The tickets may be password protected and/orprotected by a private key belonging to the on-line customer whopurchased the tickets.

The encrypted ticket set preferably incorporates a public and/or privatekey associated with the on-line customer and/or makes use of a digitalcertificate as provided by a certificate authority. Preferably theencrypted tickets involve a digital signature that can only be generatedby the on-line customer because the digital signature can only be madewith knowledge of the on-line customer's private key. Likewise thetickets include a digital signature that can only be made with knowledgeof a private key held by the merchant web site and/or the certificateauthority. Next, the encrypted tickets are transmitted to the on-linecustomer via the communications network such as the WAN 115 (925).

Up to this point, the steps of the method 900 are practiced by themerchant web site. The following steps are practiced by an NWP. In themethod 900, the NWP 105 acts as a ticket receiving module and physicalaccess control device. The NWP may be deployed by an associate, the samecompany as the merchant web site, or by a company involved in events forwhich the tickets are sold.

The NWP 105 engages in a handshaking sequence with the mobile unit 125to establish a position-dependent ecommerce session as discussedpreviously (925). The position-dependent ecommerce session preferablymakes use of the public key and the private key associated with theon-line customer. As discussed previously, the public and private keysmay be used in secure session communication, or may alternatively beused in a security association set-up phase to agree on a shared secretto be subsequently used to secure session communications using a lowercost encryption algorithm.

A security association involves an agreed upon set of securityparameters (e.g., keys) that are used to support a secure channel orsession between two or more network entities. A security process ishardware or software code that uses the security association along withan encryption algorithm to provide authenticated and/or encryptedtransmissions. In general, the encryption algorithm may involve theapplication of an authentication-based encrypted hash function toprovide a digital signature. In a specific case of an encryptionalgorithm, a cipher is applied to a message to scramble it and make itunreadable to third parties who do not have access to the parameters ofthe security association.

The NWP 105 receives via the position-dependent ecommerce session theencrypted tickets (930). The NWP 105 next checks the ticket's validity,and if valid, generates an acknowledgement signal indicating theencrypted tickets are acceptable (935). In one embodiment, thecustomer's digital signature encoded into the encrypted tickets ispreferably compared to the digital signature used in the establishmentof the position-dependent ecommerce session. In other embodiments, apassword is used to authenticate the mobile unit 125 as the proper ownerof the digital tickets. This option allows the tickets to be transferredfrom one person to another.

The NWP 105 next grants entrance to the event based upon theacknowledgement (940). In some instances a human guard will work withthe NWP 105 to provide access control to the event. In such cases theNWP 105 provides an indication to the guard indicating the number ofvalid tickets received. The display also optionally notifies the guardof the seat locations so the guard can help direct the holder of thetickets to their seats. In a preferred embodiment, information in theelectronic tickets can be processed to provide a set of directions tohelp the user find their seats. Gate numbers, aisle numbers, and seatnumbers can preferably be read from the display of the mobile unit 125.In mobile units that support GPS or other location identificationtechnologies, an application program can be executed to provideturn-by-turn directions to help the user find their seats. In otherembodiments, the step 940 involves opening a physical access gate. Thephysical access gate allows individuals to pass through and iselectronically controlled by the NWP 105.

While the method 900 has been defined for selling tickets to events andcontrolling access at events, the method 900 can be modified to a methodof selling tokens. A token is similar to digital debit, but instead ofbeing digital cash, a token represents a digital coupon for a specificproduct or service. The step 910 is modified to receive an order for atoken instead of a ticket. The step 940 is modified to involve providinga product or service to the on-line customer upon the proper receptionof the token. This allows a customer to order a product or service via anetwork connection such as the Internet. Then it allows the on-linecustomer to use the mobile unit 125 to pass the token to the NWP 105 viaa position-dependent ecommerce session. The NWP 105 then dispenses thepre-paid product or service, or supplies an information display to ahuman who then provides the product or service once the NWP indicatesthe customer has pre-paid and has been properly authenticated.

Although the present invention has been described with reference tospecific embodiments, other embodiments may occur to those skilled inthe art without deviating from the intended scope. For example the NWP105 can serve to provide peripheral augmentations to the mobile unit125, but, as discussed above, the NWP 105 can more generally act as awirelessly controlled vending device for products and/or services. Also,while many of the embodiments discussed herein discuss an ASP server135, it is understood that the functions of the ASP server 135 can beimplemented as a portal to the home/office computer system 145. Whileapparatus is generally described using block diagrams, some of theseblock diagrams, taken with their associated textual descriptions definemethods practiced by the apparatus. Also, the ASP server can provideother products and services beside global desktop services. While themobile unit 125 is often described as being a smart phone, it cancorrespond to other types of devices such as wireless data-only devices.While position-dependent ecommerce sessions are described as beingbetween the mobile unit 125 and the NWP 105, in some embodiments, theNWP management server 140 can be involved in the session as a proxy orcan otherwise act on behalf of the NWP 105 in position-dependentecommerce sessions. In the method 900, the order of various steps can bechanged. In any of the method taught and/or claims herein, the order ofthe steps, substeps or actions may be altered wherever such a changedoes not render the method inoperable. Therefore, it is to be understoodthat the invention herein encompasses all such embodiments that do notdepart from the spirit and scope of the invention as defined in theappended claims.

1. For use in a system comprising a vending management server and acustomer-physical-access admission station that performs anadmission-gate opening function and includes a wireless interface tocommunicate with one or more user wireless devices to include aparticular user wireless device associated with a particular user, amethod of wirelessly selling admissions, the method comprising:wirelessly establishing a position-dependent ecommerce session with theparticular user wireless device; engaging in a handshaking sequence thatincludes wirelessly receiving via the position-dependent ecommercesession from the particular user wireless device a digital customerpayment for providing the admission-gate opening function; if thedigital customer payment is found to be valid in a testing, generatingan admission-grant signal indicating to allow the particular user topass through an admission gate; evaluating information received via theposition-dependent ecommerce session to determine a particulardestination beyond the admission gate that corresponds to the particulardestination of the particular user; and wirelessly transmitting to theparticular user wireless device an indication of a set of directions tohelp the particular user physically navigate to the particulardestination.
 2. The method of claim 1, wherein the position-dependentecommerce session is established between the customer-physical-accessadmission station and the particular user wireless device.
 3. The methodof claim 1, wherein the position-dependent ecommerce session isestablished between the vending management server and the particularuser wireless device.
 4. The method of claim 1, further comprising:establishing a network communication session between the vendingmanagement server and the customer-physical-access admission station viaa communication network.
 5. The method of claim 3, wherein theposition-dependent ecommerce session comprises: a path through a wLANnetwork that offers short range wireless packet access; a path through aportion of a wired Internet.
 6. The method of claim 4, wherein theposition-dependent ecommerce session is established between the vendingmanagement server and the particular user wireless device via thenetwork communication session.
 7. The method of claim 4, wherein theposition-dependent ecommerce session is established between thecustomer-physical-access admission station and the particular userwireless device; and further comprising: using the network communicationsession to pass information between the customer-physical-accessadmission station and the vending management server to support thetesting.
 8. The method of claim 4, further comprising: thecustomer-physical-access admission station interacting via thecommunication network with the vending management server, and thevending management server provides customer authentication support inestablishing the position-dependent ecommerce session and databasesupport in performing the testing.
 9. The method of claim 1, furthercomprising: executing in the particular user wireless device at least aportion of a cryptographic algorithm that encodes a digital signatureassociated with the customer; and wherein the digital signature isgenerated using a public/private key cryptography algorithm, and thedigital signature is used to provide security protection to a member ofthe group consisting of the position-dependent ecommerce session and thedigital customer payment.
 10. The method of claim 1, wherein the digitalcustomer payment comprises data encoded by a cryptographic algorithmthat includes a digital signature component that is associated with akey from a certificate authority.
 11. The method of claim 1, wherein thecustomer-physical-access admission station performs at least a portionof the testing.
 12. The method of claim 1, wherein the testing involvesexecuting a cryptographic authentication algorithm that verifies a useridentity and reads and decodes a coded data segment that includes adigital signature component from a certificate authority.
 13. The methodof claim 1, wherein the digital customer payment is a member of thegroup consisting of a payment from a debit account, a payment from acredit account, a digital cash instrument, and an authentication thatthe particular user is a known user with an associated subscribernumber.
 14. The method of claim 1, wherein the customer-physical-accessadmission station comprises a physical access gate that is automaticallyopened in response to the admission-grant signal.
 15. The method ofclaim 1, wherein the customer-physical-access admission stationcomprises a physical access gate tat is controlled by a physical accesscontrol employee, and the method further comprises: generating, inresponse to the admission-grant signal, a user interface indication thatsignals to the employee to admit the particular user into a physicalarea beyond the physical access gate.
 16. The method of claim 1, whereinthe customer-physical-access admission station comprises a physicalaccess gate that is controlled by a physical access control employee,and the method further comprises: generating, in response to theadmission-grant signal, a user interface indication that signals to theemployee an indication of a number of how many valid admissions werereceived.
 17. The method of claim 1, wherein the admission gate opens toa physical area that includes a set of seats of which the particularuser is assigned a particular seat; and the particular destinationcorresponds to the particular seat.
 18. The method of claim 17, themethod further comprising: wirelessly transmitting to the particularuser wireless device associated with the particular an update to the setof directions to help the particular user physically navigate as theparticular user advances toward the particular seat.
 19. The method ofclaim 1, wherein the admission gate provides the customer physicalaccess to a member of the group consisting of a sporting event, aconcert, a movie and a location where a providing of a service to thecustomer will be initiated.
 20. For use in a system comprising a vendingmanagement server and a wireless-vending station that performs aproduct-dispensing function and includes a wireless interface tocommunicate with one or more user wireless devices to include aparticular user wireless device, a method of wirelessly sellingproducts, the method comprising: wirelessly establishing aposition-dependent ecommerce session with the particular user wirelessdevice; engaging in a handshaking sequence that includes wirelesslyreceiving via the position-dependent ecommerce session from theparticular user wireless device a digital customer payment for providingthe product-dispensing function; if the digital customer payment isfound to be valid in a testing, generating a product-grant signalindicating to dispense the product to the customer; and in response tothe product-grant signal, wirelessly transmitting to the particular userwireless device via the position-dependent ecommerce session one or moredata files corresponding to a member of the group consisting of adigital music file type and a digital video file type.
 21. The method ofclaim 20, wherein the position-dependent ecommerce session isestablished between the wireless-vending station and the particular userwireless device.
 22. The method of claim 20, wherein theposition-dependent ecommerce session is established between the vendingmanagement server and the particular user wireless device.
 23. Themethod of claim 20, further comprising: establishing a networkcommunication session between the vending management server and thewireless-vending station via a communication network.
 24. The method ofclaim 22, wherein the position-dependent ecommerce session comprises: apath through a wLAN network that offers short range wireless packetaccess; and a path through a portion of a wired Internet.
 25. The methodof claim 23, wherein the position-dependent ecommerce session isestablished between the vending management server and the particularuser wireless device via the network communication session.
 26. Themethod of claim 23, wherein the position-dependent ecommerce session isestablished between the wireless-vending station and the particular userwireless device; and further comprising: using the network communicationsession to pass information between the wireless-vending station and thevending management server to support the testing.
 27. The method ofclaim 23, further comprising: the wireless-vending station interactingvia the network communication session with the vending management serverwhich provides customer authentication support in establishing theposition-dependent ecommerce session and database support in performingthe testing.
 28. The method of claim 20, further comprising: executingin the particular user wireless device at least a portion of acryptographic algorithm that encodes a digital signature associated withthe customer, and wherein the digital signature is generated using apublic/private key cryptography algorithm, and the digital signature isused to provide security protection to a member of the group consistingof the position-dependent ecommerce session and the digital customerpayment.
 29. The method of claim 20, wherein the digital customerpayment comprises data encoded by a cryptographic algorithm thatincludes a digital signature component that is associated with a keyfrom a certificate authority.
 30. The method of claim 20, wherein thewireless-vending station performs at least a portion of the testing. 31.The method of claim 20, wherein the testing involves executing acryptographic authentication algorithm that verifies a user identity andreads and decodes a coded data segment that includes a digital signaturecomponent from a certificate authority.
 32. The method of claim 20,wherein the digital customer payment is a member of the group consistingof a payment from a debit account, a payment from a credit account, anda digital cash instrument.
 33. The method of claim 20, wherein the oneor more data files correspond to the digital music file type.
 34. Themethod of claim 20, wherein the one or more data files correspond to thedigital video file type.
 35. The method of claim 34, wherein theparticular user wireless device corresponds to a wireless handheldphone.
 36. For use in a system comprising an application serviceprovider (ASP) server and a wireless access station that includes awireless interface to communicate with one or more user wirelesshandheld phones to include a particular user wireless handheld phone, amethod comprising: establishing an ecommerce session between the ASPserver and the particular user wireless handheld phone via the wirelessaccess station, wherein the ecommerce session is position-dependent inthat establishment of the ecommerce session is enabled by positioningthe particular user wireless handheld phone within a coverage area ofthe wireless access station; engaging in a handshaking sequence thatincludes receiving via the ecommerce session and the wireless accessstation from the particular user wireless handheld phone a digitalcustomer payment; and if the digital customer payment is found to bevalid in a testing, transmitting to the particular user wirelesshandheld phone via the ecommerce session and the wireless access stationone or more digital music data files.
 37. The method of claim 36,wherein the wireless access station comprises a public-access wirelesslocal area network access station that provides Internet access.
 38. Themethod of claim 36, wherein the wireless access station comprises apublic-access wireless local area network access station that providesInternet access services upon payment provided by the particular userwireless handheld phone using a member of the group consisting of acredit account, a debit account, a digital cash instrument, and anauthentication that the particular user wireless handheld phone isassociated with a particular account holder of the Internet accessservices.
 39. The method of claim 34, further comprising: establishingan additional ecommerce session between the particular user wirelesshandheld phone and the wireless access station, wherein the additionalecommerce session includes a granting of Internet access services by thewireless access station in response to a payment provided by theparticular user wireless handheld phone using a member of the groupconsisting of a credit account, a debit account, a digital cashinstrument, and an authentication that the particular user wirelesshandheld phone is associated with a particular account holder of theInternet access services.
 40. The method of claim 39, wherein theecommerce session and the additional ecommerce session are unrelatedsessions.
 41. The method of claim 39, wherein the ecommerce session andthe additional ecommerce session are independent sessions.
 42. Themethod of claim 34, wherein the wireless access station is a basestation of a cellular communications network that provides wirelessInternet access.
 43. The method of claim 36, wherein the wireless accessstation comprises a public-access wireless local area network accessstation that provides Internet access.
 44. The method of claim 36,further comprising: executing in the particular user wireless handheldphone at least a portion of a cryptographic algorithm that encodes adigital signature associated with the customer, the digital signature isgenerated using a public/private key cryptography algorithm and thedigital signature is used to provide security protection to a member ofthe group consisting of the ecommerce session and the digital customerpayment.
 45. The method of claim 36, wherein the wireless access stationcomprises a wLAN access station that provides Internet access.
 46. Themethod of claim 36, wherein the particular user wireless handheld phoneis a wireless handheld smart phone.
 47. The method of claim 36, whereinthe wireless access station comprises a wWAN access station thatprovided Internet access.
 48. The method of claim 36, wherein thedigital customer payment is a member of the group consisting of apayment from a debit account, a payment from a credit account, and adigital cash instrument.
 49. The method of claim 36, wherein theparticular user wireless handheld phone is a wireless handheld smartphone that provides cellular telephony service, and personal digitalassistant application program services.
 50. The method of claim 36,wherein the particular user wireless handheld phone is a wirelesshandheld smart phone that provides telephony service, wireless localarea network access service, and personal digital assistant applicationprogram services.
 51. The method of claim 36, wherein the particularuser wireless handheld phone is a wireless handheld smart phone thatprovides cellular telephony service, wireless local area network accessservice, Internet access service, and a roaming service that supportsroaming between a cellular network and one or more wireless local areanetwork access stations.
 52. The method of claim 36, wherein theparticular user wireless handheld phone is a wireless handheld smartphone that provides cellular telephony service, wireless local areanetwork access service, and a video conferencing user interface.
 53. Foruse in a system comprising an application service provider (ASP) serverand a wireless access station that includes a wireless interface tocommunicate with one or more user wireless handheld phones to include aparticular user wireless handheld phone, a method comprising:establishing an ecommerce session between the ASP server and theparticular user wireless handheld phone via the wireless access station,wherein the ecommerce session is position-dependent in thatestablishment of the ecommerce session is enabled by positioning theparticular user wireless handheld phone within a coverage area of thewireless access station; engaging in a handshaking sequence thatincludes receiving via the ecommerce session and the wireless accessstation from the particular user wireless handheld phone a digitalcustomer payment; and if the digital customer payment is found to bevalid in a testing, transmitting to the particular user wirelesshandheld phone via the ecommerce session and the wireless access stationone or more digital video content files.
 54. The method of claim 53,wherein the wireless access station comprises a public-access wirelesslocal area network access station that provides Internet access.
 55. Themethod of claim 53, wherein the wireless access station comprises apublic-access wireless local area network access station that providesInternet access services upon payment provided by the particular userwireless handheld phone using a member of the group consisting of acredit account, a debit account, a digital cash instrument, and anauthentication that the particular user wireless handheld phone isassociated with a particular account holder of the Internet accessservices.
 56. The method of claim 53, further comprising: establishingan additional ecommerce session between the particular user wirelesshandheld phone and the wireless access station, wherein the additionalecommerce session includes a granting of Internet access services by thewireless access station in response to a payment provided by theparticular user wireless handheld phone using a member of the groupconsisting of a credit account, a debit account, a digital cashinstrument, and an authentication that the particular user wirelesshandheld phone is associated with a particular account holder of theInternet access services.
 57. The method of claim 53, wherein theecommerce session and the additional ecommerce session are unrelatedsessions.
 58. The method of claim 56, wherein the ecommerce session andthe additional ecommerce session are independent sessions.
 59. Themethod of claim 53, wherein the wireless access station is a basestation of a cellular communications network that provides wirelessInternet access.
 60. The method of claim 53, wherein the wireless accessstation comprises a public-access wireless local area network accessstation that provides Internet access.
 61. The method of claim 53,further comprising: executing in the particular user wireless handheldphone at least a portion of a cryptographic algorithm that encodes adigital signature associated with the customer, the digital signature isgenerated using a public/private key cryptography algorithm, and thedigital signature is used to provide security protection to a member ofthe group consisting of the ecommerce session and the digital customerpayment.
 62. The method of claim 53, wherein the wireless access stationcomprises a wLAN access station that provides Internet access.
 63. Themethod of claim 53, wherein the particular user wireless handheld phoneis a wireless handheld smart phone.
 64. The method of claim 53, whereinthe wireless access station comprises a wWAN access station thatprovides Internet access.
 65. The method of claim 53, furthercomprising: wirelessly communicating with an external video viewingdevice that is external to the particular user wireless handheld phone,wherein the external video viewing device provides a non-areaconstrained display; and wirelessly coupling from the particular userwireless handheld phone to the external video viewing device wirelesssignals to thereby cause a motion video image related to the digitalvideo content to be displayed on the non-area constrained display. 66.The method of claim 53, wherein the particular user wireless handheldphone is a wireless handheld smart phone that provides cellulartelephony service, and personal digital assistant application programservices.
 67. The method of claim 53, wherein the particular userwireless handheld phone is a wireless handheld smart phone that providestelephony service, wireless local area network access service, andpersonal digital assistant application program services.
 68. The methodof claim 53, wherein the particular user wireless handheld phone is awireless handheld smart phone that provides cellular telephony service,wireless focal urea network access service, Internet access service, anda roaming service that supports roaming between a cellular network andone or more wireless local area network access stations.
 69. The methodof claim 53, wherein the particular user wireless handheld phone is awireless handheld smart phone that provides cellular telephony service,wireless local area network access service, and a video conferencinguser interface.